package com.bbcare.comm;

import org.apache.commons.lang.StringUtils;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class SimpleCORSFilter implements Filter {

    @Override
    public void destroy() {

    }

    /**
     * 跨域过滤器
     * @author jitwxs
     * @since 2018/10/16 20:53
     */

        @Override
        public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
            HttpServletResponse response = (HttpServletResponse) res;
            HttpServletRequest request = (HttpServletRequest) req;

            // 不使用*，自动适配跨域域名，避免携带Cookie时失效
            String origin = request.getHeader("Origin");
            if(StringUtils.isNotBlank(origin)) {
                response.setHeader("Access-Control-Allow-Origin", origin);
            }

            // 自适应所有自定义头
            String headers = request.getHeader("Access-Control-Request-Headers");
            if(StringUtils.isNotBlank(headers)) {
                response.setHeader("Access-Control-Allow-Headers", headers);
                response.setHeader("Access-Control-Expose-Headers", headers);
            }

            // 允许跨域的请求方法类型
            response.setHeader("Access-Control-Allow-Methods", "*");
            // 预检命令（OPTIONS）缓存时间，单位：秒
            response.setHeader("Access-Control-Max-Age", "3600");
            // 明确许可客户端发送Cookie，不允许删除字段即可
            response.setHeader("Access-Control-Allow-Credentials", "true");

            chain.doFilter(request, response);
        }


    @Override
    public void init(FilterConfig arg0) throws ServletException {

    }

}
